My WebLink
|
Help
|
About
|
Sign Out
Home
Single Audit of Federal Financial Assistance Programs for Fiscal Year 2014 - 2015
PublicDocuments
>
Finance Department
>
Finance Administration
>
Audit Reports
>
Single Audit of Federal Financial Assistance Programs for Fiscal Year 2014 - 2015
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/14/2016 1:14:01 PM
Creation date
7/14/2016 1:00:25 PM
Metadata
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
33
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
County of Hawai‘i, State of Hawai‘i <br />SCHEDULE OF FINDINGS AND QUESTIONED COSTS (Continued) <br />Fiscal year Ended June 30, 2015 <br />SECTION II - FINANCIAL STATEMENT FINDINGS (Continued) <br />Ref. <br />No.Internal Control Findings <br />2015-002 Physical Security <br />Condition: At June 30, 2015, the servers for the Eden and IAS systems were located in <br />a room at the Civil Defense Center (Center). During our visit to the Center, <br />we noted the following conditions: <br /> Security over the servers is compromised as the door to the room <br />housing these servers is left open due to cooling concerns. Anyone with <br />access to the Civil Defense Center could potentially access the server <br />room. <br /> A fire suppression system was not installed. <br />Criteria: Physical access to servers and other sensitive areas is appropriately <br />restricted to authorized personnel. Devices are used to secure sensitive <br />equipment and storage media from the risk of damage from fire. <br />Cause: The County has not formally documented policies and procedures over the <br />physical security of IT systems at the Center nor effectively designed these <br />controls. <br />Effect: Unauthorized access to the server room could result in unauthorized use, <br />modification, damage or loss of data. The absence of a fire suppression <br />system could increase the likelihood of the loss or destruction of data due to <br />fire. <br />Recommendation <br />We recommend that the County develop formal policies over the physical security of IT <br />systems at the Center and to implement them. The server room should be locked and <br />access to keys or codes should be limited to authorized personnel. A fire suppression <br />system should be installed to prevent or limit the loss of data from fire. <br />SECTION III - FEDERAL AWARD FINDINGS AND QUESTIONED COSTS <br />No matters reported. <br />28 <br /> <br />
The URL can be used to link to this page
Your browser does not support the video tag.